[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cisco access list - multihomed question



Just to chip in with one or two suggestions...

At 09:38 29/10/2001 +0300, Michuki Mwangi wrote:
>Brian,
>
>Ok i understand same thing here!. :oP
>
>Just one thing that i noticed with the route maps (having seen your initial
>message now  ;o) ) I once did try that and when using Next hope .... the
>router CPU utilization went wild!.
>So try and use something like
>
>match ip address
>Set interface X

Yup, basically use "set interface" if you have a point-to-point link and 
"set next-hop" only if you have a broadcast media like a LAN.

>One thing that you need to also try to see is what will happen to the
>traffic once the interface set goes down ..?. Will the traffic take the
>default route out ..?

It resorts to the standard routing table. Consider policy routing as a way 
of bypassing the standard routing table in the router. The lab Barry 
mentioned actually demonstrates this.

>Also on the interface you apply the rout-map use
>IP route-cache policy
>
>For fast switching on policy routing.

Yes, very necessary, otherwise policy routing will be process switched and 
the CPU load will increase somewhat...

philip
--



>If you are indeed trying to achieve Qos then maybe you can use Class-maps
>instead and always have your traffic use either of the links out but as
>priority traffic.
>
>my two cents worth
>
>Michuki.
>
>
>----- Original Message -----
>From: Brian Longwe <blongwe at psg.com>
>To: Michuki Mwangi <michuki at swiftkenya.com>
>Cc: <bgreene at cisco.com>; <afnog at afnog.org>
>Sent: Monday, October 29, 2001 9:26 AM
>Subject: Re: Cisco access list - multihomed question
>
>
> >
> > Hi Michuki :-)
> >
> > I checked, its supported....the problem is that in the typical Kenyan
>style I'm doing 339 things on the same router - when I enable CEF the mem
>usage and cpu cycles go so high that the router starts choking...
> >
> > ...still trying to convince the purse holders to fork out $$$ for more
>equipment ;-)
> >
> > I *have* managed to get fast switching enabled without the router going
>south, so I think I'm on the high road...now all I need it get the logic for
>my route-map right...
> >
> > Longwe
> >
> > On Mon, 29 Oct 2001 08:52:26 +0300
> > "Michuki Mwangi" <michuki at swiftkenya.com> wrote:
> >
> > > The WCCP with CEF  enabled might be failing due to the IOS version you
>have.
> > > I think not sure that its supported on 12.1(11).
> > >
> > > Regards,
> > >
> > > Michuki.
> > >
> > > ----- Original Message -----
> > > From: Brian Longwe <blongwe at psg.com>
> > > To: Barry Raveendran Greene <bgreene at cisco.com>
> > > Cc: <afnog at afnog.org>
> > > Sent: Monday, October 29, 2001 7:44 AM
> > > Subject: Re: Cisco access list - multihomed question
> > >
> > >
> > > >
> > > > I'm going to try it with fast switching <route-cache> on the
>Interface,
> > > should work
> > > >
> > > > (touch wood)
> > > >
> > > > Longwe
> > > >
> > > > >
> > > > > It should work with out CEF (original optimum/flow based PBR code).
>It
> > > will
> > > > > just be faster with the CEF code.
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: owner-afnog at uol.co.ug [mailto:owner-afnog at uol.co.ug]On
>Behalf Of
> > > > > > Brian Longwe
> > > > > > Sent: Sunday, October 28, 2001 9:10 AM
> > > > > > To: Barry Raveendran Greene
> > > > > > Cc: afnog at afnog.org
> > > > > > Subject: Re: Cisco access list - multihomed question
> > > > > >
> > > > > >
> > > > > > Thanks for the response Barry....
> > > > > >
> > > > > > Is it only implementable(sic) in CEF? I am not using CEF at the
> > > > > > moment because when I enable it, the router seem to go into too
> > > > > > many cpu cycles and my wccp sessions drop, killing browsing for
> > > > > > my customers....
> > > > > >
> > > > > > Thanks,
> > > > > >
> > > > > > Brian
> > > > > >
> > > > > > On Sun, 28 Oct 2001 08:04:17 -0800
> > > > > > "Barry Raveendran Greene" <bgreene at cisco.com> wrote:
> > > > > >
> > > > > > > Hello Brian,
> > > > > > >
> > > > > > > Rephrasing - you want packets with a source address x.y.z.0/25
> > > > > > to bypass the
> > > > > > > forward table (FIB) and be forwarded in a direction of you
>choice.
> > > > > > >
> > > > > > > So what you are looking for is a "FIB bypass" feature. On the
> > > > > > Cisco (where
> > > > > > > is was first created) it is called Policy Based Routing (PBR).
> > > > > > >
> > > > > > > There is a lab on PBR in the ISP Workshop materials
> > > > > > > (http://www.cisco.com/public/cons/workshops/) and found via key
>word
> > > > > > > searching on Cisco's web site. Note that in the middle of 12.0
> > > > > > we made PBR a
> > > > > > > CEF feature - allowing it to handle more PPS and not be process
> > > > > > switched. So
> > > > > > > check the documentation for any specific details.
> > > > > > >
> > > > > > > Also note that this will only take care of traffic being
> > > > > > forwarded upstream
> > > > > > > to the provider. It will not handle downstream traffic. For
> > > downstream
> > > > > > > flows, tweaking BGP advertisements would be you best option.
> > > > > > >
> > > > > > > Barry
> > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: owner-afnog at uol.co.ug [mailto:owner-afnog at uol.co.ug]On
> > > Behalf Of
> > > > > > > > Brian Longwe
> > > > > > > > Sent: Saturday, October 27, 2001 8:18 AM
> > > > > > > > To: afnog at afnog.org
> > > > > > > > Subject: Cisco access list - multihomed question
> > > > > > > >
> > > > > > > >
> > > > > > > > Hi,
> > > > > > > >
> > > > > > > > The scenario.
> > > > > > > >
> > > > > > > > - Two upstream circuits on the same border router
> > > > > > > > - I want to use one to carry (outgoing) traffic for certain
> > > > > > > > customer networks only
> > > > > > > > - I want to use the other as the standard default for all
>other
> > > > > > > > customer traffic
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >    Upst #1 s0/0     [---------]
> > > > > > > > --------------------[         ]< Upst #1 should route traffic
>for
> > > > > > > > x.y.z.0/25
> > > > > > > >                     [         ]
> > > > > > > > --------------------[         ]
> > > > > > > >    Upst #2 s1/0:16  [---------]< Upst #2 should route traffic
>for
> > > > > > > > all others
> > > > > > > >
> > > > > > > > - Both upstream connections go to the same provider
> > > > > > > > - There is no BGP with upstream provider, only static
> > > > > > defaults (until now)
> > > > > > > >
> > > > > > > > Instinctively I want to define route-maps to block traffic for
>#2
> > > > > > > > from #1 and block traffic for #1 from #2 with a "next-hop"
> > > > > > > > statement to redirect in each route-map.
> > > > > > > >
> > > > > > > > Is this the right logic? Anyone with similar experience who
> > > > > > can give tips?
> > > > > > > >
> > > > > > > > Thanks,
> > > > > > > >
> > > > > > > > Brian Longwe
> > > > > > > >
> > > > > > > > -----
> > > > > > > > This is the afnog mailing list, managed by Majordomo 1.94.4
> > > > > > > >
> > > > > > > > To send a message to this list, e-mail afnog at afnog.org
> > > > > > > > To send a request to majordomo, e-mail majordomo at afnog.org and
>put
> > > > > > > > your request in the body of the message (i.e use "help" for
>help)
> > > > > > > >
> > > > > > > > This list is maintained by owner-afnog at afnog.org
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > -----
> > > > > > > This is the afnog mailing list, managed by Majordomo 1.94.4
> > > > > > >
> > > > > > > To send a message to this list, e-mail afnog at afnog.org
> > > > > > > To send a request to majordomo, e-mail majordomo at afnog.org and
>put
> > > > > > > your request in the body of the message (i.e use "help" for
>help)
> > > > > > >
> > > > > > > This list is maintained by owner-afnog at afnog.org
> > > > > > >
> > > > > > >
> > > > > >
> > > > > > -----
> > > > > > This is the afnog mailing list, managed by Majordomo 1.94.4
> > > > > >
> > > > > > To send a message to this list, e-mail afnog at afnog.org
> > > > > > To send a request to majordomo, e-mail majordomo at afnog.org and put
> > > > > > your request in the body of the message (i.e use "help" for help)
> > > > > >
> > > > > > This list is maintained by owner-afnog at afnog.org
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > -----
> > > > > This is the afnog mailing list, managed by Majordomo 1.94.4
> > > > >
> > > > > To send a message to this list, e-mail afnog at afnog.org
> > > > > To send a request to majordomo, e-mail majordomo at afnog.org and put
> > > > > your request in the body of the message (i.e use "help" for help)
> > > > >
> > > > > This list is maintained by owner-afnog at afnog.org
> > > > >
> > > > >
> > > >
> > > > -----
> > > > This is the afnog mailing list, managed by Majordomo 1.94.4
> > > >
> > > > To send a message to this list, e-mail afnog at afnog.org
> > > > To send a request to majordomo, e-mail majordomo at afnog.org and put
> > > > your request in the body of the message (i.e use "help" for help)
> > > >
> > > > This list is maintained by owner-afnog at afnog.org
> > > >
> > > >
> > >
> > >
> > >
> >
>
>
>
>-----
>This is the afnog mailing list, managed by Majordomo 1.94.4
>
>To send a message to this list, e-mail afnog at afnog.org
>To send a request to majordomo, e-mail majordomo at afnog.org and put
>your request in the body of the message (i.e use "help" for help)
>
>This list is maintained by owner-afnog at afnog.org


-----
This is the afnog mailing list, managed by Majordomo 1.94.4

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org